[CentOS] Kind of OT: internal imap server

Andy Green andy at warmcat.com
Thu Aug 24 06:42:42 UTC 2006


Les Mikesell wrote:

>> policy unix - n n - - spawn user=nobody argv=/usr/bin/gps /etc/gps.conf
>                         ^^^^
> 
> Does that mean it starts a new process for every message? The milter
> interface chats over a socket to a long-running process so you
> don't have to initialize it every time.  MimeDefang also multiplexes
> to several slaves that do the scanning work so you don't have to
> serialize everything either.

I think spawn acts like an inittab entry, it hangs around itself and if 
the thing it spawned ever dies it cooks a new one.  I believe that 
postfix is also using Unix sockets to communicate with external apps. 
Pass on the muxing aspect I only know enough to get gps working.

>> I realize often the skills one acquires managing a particular setup can 
>> outweigh moving to another platform even if it is better, but one look 
>> at the need for a Makefile to translate one incomprehensible config 
>> format into a config format that sends grown men insane convinced me to 
>> back the Postfix horse :-)
> 
> I'm still missing the 'better' part.  And Makefiles have always

Fair enough, I did stick that cart before the horse.

> been a useful way to automate repetitive tasks - even better
> when someone else has written them and embedded the execution
> in the program startup script.

That must be why so much other software manages their config by 
converting it into gibberish by build tools, instead of the naive and 
unprofessional method of parsing a single level of config straight.

-Andy

BTW just saw this fly by

Package        : sendmail
Vulnerability  : programming error
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2006-1173
CERT advisory  : VU#146718
BugTraq ID     : 18433
Debian Bug     : 373801 380258

Frank Sheiness discovered that a MIME conversion routine in sendmail,
a powerful, efficient, and scalable mail transport agent, could be
tricked by a specially crafted mail to perform an endless recursion.

For the stable distribution (sarge) this problem has been fixed in
version 8.13.4-3sarge2.

For the unstable distribution (sid) this problem has been fixed in
version 8.13.7-1.

We recommend that you upgrade your sendmail package.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4492 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20060824/a323eaa0/attachment.bin>


More information about the CentOS mailing list